CVE-2012-2902 - Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content E

CVE-2012-2902

Summary

Unrestricted file upload vulnerability in editor/extensions/browser/file.php in the Joomla Content Editor (JCE) component before 2.1 for Joomla!, when chunking is set to greater than zero, allows remote authors to execute arbitrary PHP code by uploading a PHP file with a double extension as demonstrated by .jpg.pht. Per: http://cwe.mitre.org/data/definitions/434.html 'Unrestricted Upload of File with Dangerous Type'

References

Vulnerable Configurations

cpe:2.3:a:ryan_demmer:joomla_content_editor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ryan_demmer:joomla_content_editor:2.0:*:*:*:*:*:*:*
cpe:2.3:a:ryan_demmer:joomla_content_editor:*:*:*:*:*:*:*:*
cpe:2.3:a:ryan_demmer:joomla_content_editor:*:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*

CVSS

Base:	6.0 (as of 29-08-2017 - 01:31)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	SINGLE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:S/C:P/I:P/A:P

refmap via4

bid	51002
confirm	http://www.joomlacontenteditor.net/news/item/jce-21-released?category_id=32
misc	http://secunia.com/secunia_research/2012-15/
osvdb	81980
secunia	49206
xf	jce-joomla-file-file-upload(75671)

Last major update

29-08-2017 - 01:31

Published

21-05-2012 - 18:55

Last modified

29-08-2017 - 01:31